Helsinki University of Technology: AAA Architecture for hierarchical wireless Mobile IPv4. Tom Weckström, Telecommunications Software and Multimedia Laboratory.

Presentation transcript:

Helsinki University of Technology
AAA Architecture for hierarchical wireless Mobile IPv4
Tom Weckström
Telecommunications Software and Multimedia Laboratory of Information Processing Science, Helsinki University of Technology, Finland

Introduction
Wireless Internet gaining momentum
Yankee: 1 billion users by 2003
Is access the wireless killer application?
Mobile users need to be authenticated, authorized, and correctly billed.

Problem
Special needs for AAA protocol in
  – Open environment
  – Wireless environment

Problem dimensions
Trust
Security
Efficiency

Scope
Mobile IPv4 environment that is
  – Open
  – Hierarchical
  – Wireless
Lots of active mobile users
Frequent, fast handoffs

Scope

Hierarchical Mobile IPv4
(Figure; labels: CN, HA, Internet, Home Network, Foreign Network, WLAN, HFA1, SFA, FA1 to FA6, Mobile Node)

Criteria
From IDs, scope and RFC criteria, classified and prioritized
General, dimensional and AAA criteria
GQM approach for measuring success

My solution
AAA Architecture with tick payments

Design principles
Parallel AAA and MIP signaling
Reduced number of signaling messages
Periodic payments
SPKI with RSA
Ideas from Ipay, DIAMETER and BillNeat

Architectural elements
AAAH, SHA, HA
AAAF, HFA, FA
Broker
MN
Buyer

Architecture

Trust relationships

Security
RSA for signatures
SHA for payment messages
Symmetric encryption for authentication, session keys, and signatures
Session ID
Billing ID
Timestamps for replay protection

Protocol operation
Registration protocol
  – Slow mode: sequential, for compatibility
  – Fast mode: parallel, optional grace period
Payment protocol
  – Real time payments
  – Localized message handling
  – Policy based authorization
  – User controls the size of the bill

Slow mode

Fast mode

Payment protocol

Conclusions
Potential for significant improvements with parallel signaling
Static trust relationships concentrated within organizational units
Flexibility with SPKI and Policy Management
Tick payments: efficiency & control

Future research ideas
More extensive use of SPKI
Trust relationships
Certificate management
Improved verification of credibility
Integration with DIAMETER
Policy management with distributed policies

Q & A ?

AAA Architecture for hierarchical wireless Mobile IPv4
Tom Weckström
WWW